Cyber attacks are on the rise, targeting both public and private sectors, and this is especially true in healthcare. Securing patient data and building systems that can withstand these attacks is crucial. The NHS trusts in the UK have faced significant threats, and the impact is real. In 2024, an attack on an NHS supplier led to over 10,000 missed appointments and nearly 2,000 cancelled procedures, putting patients in critical situations and damaging public trust.
This problem is escalating. Hackers are becoming more daring and are sharing tactics to exploit weaknesses in security. To combat this, governments, healthcare organizations, and tech companies need to rethink how they approach data security and cooperation. Using privacy-enhancing technologies (PETs) to securely share sensitive information can help maintain patient privacy while enhancing cybersecurity. PETs not only protect data but also open up new possibilities in healthcare. They can expedite medical research and strengthen security measures, ensuring sensitive information is safeguarded.
Healthcare data is fragmented, spread across various hospitals, research institutions, and agencies. This fragmentation leads to inefficiencies and can create opportunities for cyber criminals. AI and advanced analytics hold the key to improving healthcare and security, but only if they have access to diverse and comprehensive data sets. To address this challenge, we must create a framework that prioritizes privacy, security, data sovereignty, and regulatory compliance. Technologies like homomorphic encryption and federated learning allow organizations to collaborate and glean insights without compromising data privacy. For example, at Duality, we’ve partnered with the Dana-Farber Cancer Institute to use PETs in cancer research, which significantly improved patient outcomes.
Collaboration between healthcare entities and government is vital for resilience. Secure data-sharing mechanisms can enhance public health responses, improve disease tracking, and ensure coordinated efforts during crises. Tackling data silos with privacy-centric solutions is essential for maintaining public trust.
On a global scale, effective healthcare cannot ignore the need for international data collaboration, especially during pandemics. However, differing data protection rules can complicate things. Countries need to establish secure frameworks for cross-border cooperation. The US-UK PETs Prize in 2023 showcased the potential of these technologies in healthcare research.
Today’s cybercriminals are quick to share information amongst themselves, making it crucial for us to do the same. The dark web is filled with stolen health records and ransomware strategies, allowing attackers to stay ahead. The saying “it takes a network to defeat a network” rings true. By securely sharing threat intelligence, governments and healthcare providers can keep ahead of cyber threats. Technologies like PETs allow for safe exchanges, ensuring that sensitive operational data remains protected.
The Covid-19 pandemic underscored the importance of secure data collaboration, whether in vaccine development or virus tracking. Our work with DARPA to study Covid-19 susceptibility while keeping individual privacy intact is a prime example. We then used that same technology to share cyber threat intelligence across sectors, resulting in detection models that were up to 300% more effective compared to those trained on isolated data. This demonstrates the flexibility and critical role of PETs in building resilience through collaboration.
Protecting healthcare from cyber threats goes beyond defensive measures; it’s about safeguarding lives. Secure collaboration among healthcare organizations, government, and international partners is now a necessity, rather than a luxury. We must prioritize privacy and security in these efforts. Privacy-enhancing technologies will play a significant role in this landscape, allowing collaboration while ensuring compliance and fostering trust. By combining PETs with strong governance and supportive legislation, we can build a robust infrastructure that meets three essential goals: protecting patient data, enhancing medical research, and boosting cybersecurity.
As cyber threats continue to surge, the real question is not if organizations should collaborate securely but how swiftly they can implement the right tools to do so. The time to act is now.